nosirrah

Self defence

Has SUPERAntiSpyware added any self defense mechanisms since it was discovered that it was targeted by malware in this thread: http://www.castlecops.com/postx162898-0-0.html ?

I was experimenting with installing antimalware under the system account and can confirm that this can prevent the deletion of all files installed under the system account and can prevent access to the registry keys as well. This is highly inefficient because every time you want to update you have to log into the system account.

There has to be a better way to defend SUPERAntiSpyware against termination and deletion. This is the only way to prevent zero-day threats from killing it.

Our next release has defense systems built in - we have samples of spyware that terminate any software that queries the process and have taken care of the problem.

Cool. That is really the only complaint I have at this point. It seems that the current malware trends are to cripple known defenses with a new threat and then let malware in the hole.

Is there a way to check what is trying to kill SUPERAntiSpyware and send that file directly to your servers? If there is a way to do this it would let your researchers get a huge jump on zero-day malware.
